OBSOLETE Patch-ID# 124207-02


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security libtsol libtsnet
Synopsis: Obsoleted by: 118855-36 SunOS 5.10_x86: libtsol patch
Date: Nov/03/2006


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reconfigure reboot is performed. Unless otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reconfigure reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 10_x86

SunOS Release: 5.10_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 124206

Topic: SunOS 5.10_x86: libtsol patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
123694114910325
503997415209117
508082115220971
622774415248678
624970715257947
626822915264983
627022515265786
629327115274849
631321415282696
635595315299998
635776415300730
637831615309542
638805015314012
638926415314588
639189315315652
639455415317056
639856415319153
639996315319742
640326715321140
640405115321448
640429015321551
640456315321648
640465415321696
640472915321733
640487715321809
640540015322059
640577715322260
640609715322419
640740215323034
640792015323259
641140015324534
641198015324763
641247115324936
641376715325448
641380915325466
641479715325844
641552815326159
641553515326164
643150315332877
643360315333708
643591115334427
645005215340721
645740715344418
645866815344958
646563915348242


Changes incorporated in this version: 1236941 6357764 6388050 6415535 6435911 6457407 6458668 6465639

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by: 118855-36

Files included with this patch:

/lib/amd64/libtsnet.so
/lib/amd64/libtsnet.so.1
/lib/amd64/libtsol.so
/lib/amd64/libtsol.so.2
/lib/amd64/llib-ltsnet.ln
/lib/amd64/llib-ltsol.ln
/lib/libtsnet.so.1
/lib/libtsol.so
/lib/libtsol.so.2
/lib/llib-ltsnet
/lib/llib-ltsnet.ln
/lib/llib-ltsol
/lib/llib-ltsol.ln
/usr/lib/amd64/libtsnet.so
/usr/lib/amd64/libtsnet.so.1
/usr/lib/amd64/libtsol.so
/usr/lib/amd64/libtsol.so.2
/usr/lib/amd64/llib-ltsnet.ln
/usr/lib/amd64/llib-ltsol.ln
/usr/lib/libtsnet.so
/usr/lib/libtsnet.so.1
/usr/lib/libtsol.so
/usr/lib/libtsol.so.2
/usr/lib/llib-ltsnet.ln
/usr/lib/llib-ltsol.ln

Problem Description:

6465639 useradd usermod passmgmt need support for Trusted Extensions keywords
1236941 would like usermod -c to not abort if the user is logged in
6357764 monitor manipulation in FEM panics system
6388050 the message for successful password update is a PAM_ERROR_MSG
6415535 audit_event TX code review issues
6435911 root can't login via console CLI if label daemon is not running
6457407 the fix for 6431503 broke printer banners for complex labels
6458668 TX route get changes can cause panic if passed an ioctl with NULL credentials
 
(from 124207-01)
 
5080821 auditconfig(1M)'s usage message is not up-to-date
6249707 auditconfig has unused variables
6378316 auditconfig has undocumented commands that do nothing and undocumented redundant commands
6398564 auditconfig TX code review issues
6407402 named pipes should work between labeled zones to support write up
6411980 getlabel(2) returns wrong label for lofs mounted FIFOs
6415528 syslog plugin TX code review issues
6431503 label_to_str printer_caveats and printer_channels always start with a space
6433603 panic occurs when setting the audit flags to "all"
6394554 integrate Solaris Trusted Extensions
5039974 modhash could do with an mdb walker
6227744 sys/modhash.h has an unnecessary nested include
6268229 gcc and snoop don't get along
6270225 gcc and route don't get along
6293271 Zone processes should use zone_kcred instead of kcred
6313214 hextoalabel(1M) succeeds with hexadecimal label that is invalid by one character
6355953 assertion failed: cpu == CPU, file: ../../i86pc/vm/hat_i86.c, line: 925
6403267 address remaining issues raised during TX code reviews
6389264 acl_totext needs support for bypassing nameservice lookup
6391893 acl_totext support for bypassing nameservice lookup needs to support ZFS-style ACLs
6399963 get_zone_pool() isn't consistent with its return values ##patch3# 123423-01
6404051 ABI versioning is missing for sparcv9 and amd64 libtsnet
6404290 snoop uses is_system_labeled as if it were a variable
6404563 Trusted integration breaks part of ucred propagation
6404654 zoneadm mount command fails on labeled systems
6404729 libtsol changes needed for gcc
6404877 classifications should be ranged checked during label conversions
6405400 sctp_send_abort() tips over referencing uninitialized variable
6405777 SCTP cannot find a correct source address
6406097 tsol_option_set breaks userland IP option setting
6407920 TX panic during lo_mount
6411400 Solaris trusted extensions putback breaks SC build
6412471 str_to_label error offsets into the string are dependent on leading spaces
6413767 sort out libc versions for U3 (and TLC)
6413809 Trusted Extensions automount daemon failure in reading-down over NFS
6414797 code in zone_find_by_any_path generates bad assembly code and panics, can be worked around with change
6450052 missing TX deliverables


Patch Installation Instructions:
--------------------------------
 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
-----------------------------
 
Not all patches listed in this section as needed for the completion
of a fix or feature, may be available at the same time as this patch.
This allows the remaining fixes/features to be made available sooner.
 
NOTE 1:  If you're planning to set up Zones on this system, please make
         sure to install the following patch which fixes bugid 6216195
         (zone installation confused by UPDATE=yes in pkginfo(4) file):
 
         119016-01 (or greater)  Install and Patch Utilities Patch
 
         (Note that 119255 has superseded 119016; installation of the
          current version is recommended to be preferred, due to its
          central role in the installation and removal of patches.)
 
NOTE 2:  To get the complete Solaris Trusted Extensions functionality
         support, please also install the following patches:
 
         118855-25 (or greater)  kernel patch
         118891-03 (or greater)  llib-lc patch
         120037-08 (or greater)  ldap patch
         120053-04 (or greater)  pam library patch
         120846-02 (or greater)  audit patch
         122659-06 (or greater)  zonecfg patch
         122661-03 (or greater)  zoneadm patch
         122663-06 (or greater)  libzonecfg patch
         123840-01 (or greater)  FMA Patch


README -- Last modified date: Saturday, November 10, 2012